Learning Guide: Spyware

A learning guide on spyware is a document that provides instructions on how to identify, remove, and protect against spyware. Spyware is a type of malicious software that is installed on a computer without the user’s knowledge or permission. Spyware can collect personal information, track web browsing activity, and display advertising. It can also slow … Read more

Human attack surface

A human attack surface is the portion of a system that is vulnerable to attack by a human adversary. This can include both physical and logical components, such as entry points, administrator interfaces, and user accounts. The goal of a human attack surface analysis is to identify and quantify the risks posed by human adversaries, … Read more

Google Hack Honeypot (GHH)

Google Hack Honeypot (GHH) is a type of honeypot designed to lure in hackers who are targeting Google systems. The honeypot is set up to look like a real Google system, but is actually a trap set by security researchers. When a hacker attempts to attack the honeypot, they are actually providing information to the … Read more

Password entropy

Password entropy is a measure of the strength of a password, in terms of the information entropy of the password. The higher the entropy, the more difficult it is to guess the password. There are a number of ways to calculate the entropy of a password, but the most common is to use the Shannon … Read more

Island hopping attack

An “Island hopping attack” is a type of network attack in which an attacker targets a small number of nodes in a network in order to reach a larger number of targets. This type of attack is often used to target high-value nodes in a network, such as servers or routers, in order to gain … Read more

Computer security incident response team (CSIRT)

A computer security incident response team (CSIRT) is a team of individuals who are responsible for responding to computer security incidents. These teams are usually composed of security professionals who have experience in handling these types of incidents. The main goal of a CSIRT is to contain and mitigate the effects of security incidents. They … Read more

Going dark

The term “going dark” is used to describe a situation in which a communications system becomes unavailable or difficult to monitor. This can happen for a variety of reasons, including technical problems, deliberate actions by users to make their communications more private, or government efforts to block or limit access to the system. Going dark … Read more

Asymmetric cyber attack

An asymmetric cyber attack is an attack in which the attacker has a significant advantage over the defender in terms of resources, knowledge, or skill. The term is often used to describe attacks in which the attacker is able to exploit a weakness in the defense that the defender is not aware of. What is … Read more

Vulnerability management planning

Vulnerability management planning is a process of identifying, classifying, and prioritizing vulnerabilities in computer systems, networks, and software applications. The goal of vulnerability management planning is to reduce the risk of exploitation of vulnerabilities by creating and maintaining a schedule of security updates and patches. The first step in vulnerability management planning is to identify … Read more

Piggybacking

Piggybacking is the unauthorized use of another person’s wireless Internet connection. For example, if you have a laptop with a wireless card and you drive by a coffee shop that offers free wireless Internet access, you may be able to connect to the Internet if the coffee shop’s security is not set up properly. Piggybacking … Read more